Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Unknown Spyware Infection [RESOLVED]

schiesa1

Posted 08 August 2005 - 07:17 PM

schiesa1

Member

Member

10 posts

Hi,

I've recently got windows xp with my new computer, and even though i installed a firewall before i connected to the web, my computer is constantly referred to advertising sites when i'm browsing (e.g. typing www.foofighters.com took me to a site called something along the lines of netster.com, or something like that). Also, my firewall tells me it has blocked 1977 access attempts in the past 4 days. When i first installed xp, i didn't have a firewall, and was constantly getting messages saying that i had critical errors in my registry and that i needed to go to some site to fix them, where they then tried to charge ~£30. I've downloaded every programme you suggested, and it has found a few things, but the problems persist. Do you have any ideas at all, because i'm at a loss as to what to do.I've enclosed a hijackthis file.

Advertisements

Trevuren

Posted 08 August 2005 - 10:40 PM

Trevuren

Old Dog

Retired Staff

18,699 posts

Hi schiesa1 and welcome to the Geeks to Go Forums.

My name is Trevuren and I will be helping you with your log.

1. Go to Geeks to Go . Click on My Controls at the top right hand corner of the window. (make sure you have signed in first) . In the left hand column, click "View Topics" . If you click on the title of your post, you will be taken there

2. Also, while at the My Controls page, check the box to the right of your post and then scroll down. .Where it says "unsubscribe" click the pull-down menu and select "immediate email notification"

3. Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

First we need to make all files and folders VISIBLE:

Go to start>control panel>folder options>view (tab)

Choose to "show hidden files and folders,"

Uncheck the "hide protected operating system files" and the "hide extensions for know file types" boxes.

Trevuren

Posted 10 August 2005 - 10:41 AM

1. Re-hide your System Files and Folders to prevent any future accidents.

2. Cleanup the leftovers. Download CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

3. Reset and Re-enable your System Restoreto remove bad files from the backup that Windows makes as no program is able to clean those files:

TO DISABLE SYSTEM RESTORE

Right-click "My Computer", and then left click "Properties".

Left click on "System Restore Tab"

Check box beside "Turn Off System Restore"

Left click on "Apply"

TO ENABLE SYSTEM RESTORE

Remove check mark from "Turn Off System Restore"

Click on "Apply"

Here are some tips to reduce the potential for spyware infection in the future:

Make sure you keep your Windows OS current by visiting Windows updateregularly to download and install any critical updates and service packs. With out these you are leaving the backdoor open.

I strongly recommend installing the following applications:

Spywareblaster<=SpywareBlaster will prevent spyware from being installed.

How to use Spybot to remove Spyware<=If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.

To protect yourself further:

Spyad<=IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.

MVPS Hosts file<=The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer

Google Toolbar<=Get the free google toolbar to help stop pop up windows.